Articles about Ransomware

In the past six months, FortiGuard Labs has seen a total of 10,666 ransomware variants, compared to just 5,400 in the previous half year.

In addition ransomware-as-a-service (RaaS), with its popularity on the dark web, continues to fuel an industry of criminals forcing organizations to consider ransomware settlements.

Continue reading →

On Monday, hacker group ClOp claimed to have gained access to 5TB of data from UK water supplier Thames Water and said it could change the chemical composition of the company's water supply.

Thames Water denied the reports and said it hadn't faced a cyber attack. Today it emerges that an attack has taken place but on a different company, South Staffordshire plc, the parent company of South Staffs Water and Cambridge Water.

Continue reading →

There has been a 90 percent increase in the number of healthcare organizations targeted by cyber-attacks, in comparison with the first quarter of 2022.

The latest cyber threat Landscape report from Kroll finds that while phishing continues to be the vector used for initial access, there has been a vast increase in external remote services (such as VPNs and RDP environments) being compromised, up 700 percent.

Continue reading →

New research from Accenture shows that data stolen in ransomware and other cyberattacks is being weaponized in order to carry out business email compromise (BEC) attacks.

Underground forums have sets of credentials for sale for as little as $10 that provide access to genuine corporate email accounts, making malicious emails seem genuine.

Continue reading →

Ransomware is hitting small businesses hard. But most of the legislation, regulations, and headlines focus on large businesses. The math is simple -- large businesses impact many end-users, and they have lots of money to pay lobbyists, so they wind up stealing the show when it comes to ransomware. But what about the local print shop, deli, or accounting office? Even though small businesses are suffering from ransomware 70 percent more often than large businesses (according to the Cyber Edge 2022 Cyberthreat Report), government regulations haven’t changed to accommodate them.

The U.S. Justice Department recently released a strategic plan that will investigate 65 percent of all reported ransomware attacks by 2023, but there are a few problems with this. First, the Justice Department -- or anyone else for that matter -- has no accurate accounting of how many attacks are actually occurring. Because so many attacks go unreported, there isn’t a way to certify how many ransomware attacks happen each year. Second, even if we assign credibility to 65 percent of ransomware cases, how can we or the government use this information effectively to reduce attacks? Finally, what about unreported ransomware attacks (which account for most of the attacks) on 44 percent of the U.S.’s economy: small businesses?

Continue reading →

Researchers at Sonatype have identified multiple malicious Python packages that contain ransomware scripts.

The packages are named after a legitimate, widely known library called 'Requests', with names like 'requesys', 'requesrs' and 'requesr', in order to trick developers into installing the wrong version.

Continue reading →

A new study reveals that 87 percent of the ransomware found on the dark web can be delivered via malicious macros in order to infect targeted systems.

The research from Venafi, in partnership with criminal intelligence provider, Forensic Pathways, looked at 35 million dark web URLs and forums to uncover a thriving ransomware community with highly damaging macro-enabled strains readily available.

Continue reading →

Governments, utilities and other key industries are prime targets for attack including from nation state actors and cybercriminals seeking to extract a ransom.

But David Anteliz, technical director at Skybox, believes that given the increase in tensions across the world threat actors will evolve their tactics with the use of a 'three-headed dragon approach' that goes beyond the probing we have seen so far.

Continue reading →

Ransomware is predicted to cost businesses over $265 billion worldwide by 2031 according to Cybersecurity Ventures. New research from Ottowa-based managed services firm Firewall Technical has analyzed search data relating to ransomware attacks and come up with some interesting results.

Wannacry is the most searched for ransomware attack. With 6,830 related searches every month, the ransomware is still causing problems worldwide even though it was released back in 2017.

Continue reading →

Ransomware attacks continue to impact organizations worldwide with high costs, but businesses are still largely unprepared to deal with them.

New data from Arcserve shows half of IT decision makers surveyed by Dimensional Research have been targeted by ransomware, 35 percent report their organizations were asked to pay over $100,000 in ransom payments, and 20 percent were asked to pay between $1 million to $10 million.

Continue reading →

The world of ransomware is becoming increasingly professional and it’s easier than ever for new entrants to get into the business.

A new report from Tenable looks at the ransomware ecosystem and how it has become one of the biggest threats to organizations as well as being lucrative for the criminals behind it.

Continue reading →

Although ransomware remained the most common threat last year the number of new ransomware families and unique variants discovered in 2021 decreased significantly compared to previous years.

Researchers from WithSecure suggest that this could highlight a potential opportunity to disrupt the cybercrime ecosystem that's exacerbated the problem in recent years.

Continue reading →

We've become familiar with the widespread use of ransomware, but researchers at Rapid7 have been examining the rise of a newer phenomenon, 'double extortion'.

Pioneered by the Maze ransomware group, double extortion involves cybercriminals collecting files before encrypting them. Then if the target organization refuses to pay they threaten to release sensitive information.

Continue reading →

A new report reveals that 53 percent of organizations have experienced a cyberattack on their cloud infrastructure within the last 12 months.

The 2022 Cloud Security Report from Netwrix shows that was the most common type of attack, experienced by 73 percent of respondents.

Continue reading →

A new study shows 47 percent of security leaders do not believe they will be breached despite the increasing sophistication and frequency of attacks.

The survey of 1,000 IT and security professionals across eight countries, conducted by The Enterprise Strategy Group for Illumio finds in the past two years alone 76 percent have been attacked by ransomware and 66 percent have experienced at least one software supply chain attack.

Continue reading →